InfoSec News 2012-01-30

Posted by on Jan 30, 2012 in ISN | 0 comments

InfoSec News for Monday January 30, 2012.

  1. 4 Sun journos, 1 cop bailed in police bung probe
    Cuffed on suspicion of corruption after tip-off from News Corp: Police officers investigating allegations of illegal payments to cops as part of a larger probe of News International arrested four journalists on Saturday. All four were either current or former hacks at Rupert Murdoch’s tabloid The Sun. Police also arrested a Metropolitan police service officer at the weekend.
  2. Microsoft’s Kelihos kingpin suspect: It wasn’t me
    Sabelnikov denies botnet herder allegation: The Russian man named by Microsoft as the mastermind behind the Kelihos botnet has stepped forward to plead his innocence.
  3. Google spews out ‘privacy’ email to Sky punters too
    Not just Virgin Media customers fuming over web giant’s intrusion: Sky users have joined Virgin Media subscribers in receiving emails directly from Google about its new privacy policy.
  4. Quantum Trojans undermine security theory
    Can dodgy vendors compromise uncrackable security?: A group of English and Canadian researchers has cast doubt on the nascent push to develop device-independent quantum cryptography standards, asserting that such schemes could be undermined by malicious vendors.
  5. Students busted for hacking computers, changing grades
    ‘Very bright kids’ too bright for their own good: Three high school juniors have been arrested after they devised a sophisticated hacking scheme to up their grades and make money selling quiz answers to their classmates.
  6. Adscend denies Facebook, AG allegations
    Adscend Media, the defendant in lawsuits filed this week by Facebook and the Washington attorney general, on Friday denied the allegations in the complaints and shifted blame to its affiliates.
  7. Hawaii legislators bid aloha to controversial data retention bill
    Lawmakers in Hawaii quietly dropped a bill that would have required Internet service providers to collect the browsing histories of Internet users in the state and store the data for at least two years.
  8. Google, Microsoft and Facebook battle phishing with new specification
  9. Bogus “browser update” pages deliver malware
  10. Symantec claims largest ever Android malware find
  11. Lookout claims Symantec crying wolf over Android malware
  12. City staff to review private messages
  13. Twitter buys anti-malware firm
  14. “Curious” nurse snooped in 108 patients’ files
  15. A hacker aqcuired a “a small portion of payment firm’s European EFT business according to SEC filing
  16. Laptops stolen in office burglary contained some clinical and demographic information as well as some Social Security numbers
  17. Personal info on former and current customers exposed on the Internet in a spreadsheet that contained Social Security numbers
  18. Over 400 clients’ records (but no financial info) on laptop stolen from office
  19. Hawaiian University settles data breach lawsuit
  20. 2,131 names, usernames, postal and e-mail addresses, phone numbers, and encrypted passwords dumped on the Internet
  21. Pro-government hactivists deface Al Jazeera coverage of Syrian violence
  22. Hitler painting fetches 32,000 euros in Slovak auction
  23. Android Counterclank Malware Assails Android Market: Symantec
  24. Boxes full of 2,000 personal medical records including names, addresses, phone numbers and social security numbers in a trash can
  25. Student used an application on his cell phone to hack into the school’s computer network
  26. EU 24-Hour Data Breach Notification Rule ‘Unworkable’: ATandT Executive
  27. Sanctions against Iran may destabilize, topple regime by ratcheting up hassle factor: expert
  28. Stealing the Titanic: Artifacts auction draws accusations of grave robbery
  29. Security roundup: The triumph of hactivists, the sorrow of Symantec
  30. Massive Android malware op may have infected 5 million users
  31. Lookout Security rebuts rival’s Android malware claims
  32. Google Privacy Policy Update Challenged by Lawmakers
  33. Customers names, email addresses, billing and shipping addresses, telephone numbers, credit card information and/or a cryptographically scrambled passwords exposed
  34. Man stole numerous customer accounts for more than a year
  35. 650,000 names, email addresses, birth dates and nutritional data due to hacked database
  36. 2,257 Social Security numbers of living veterans was mistakenly released to Ancestry.com as part of a response to a Freedom of Information Act request
  37. Hacker able to view every member’s personal data, photos, pseudonyms and passwords
  38. 7,000 full customer names, complete addresses, dates of birth, Social Security numbers, gender, Medicaid identification numbers, case management information and telephone numbers
  39. Fraudulent purchases made with information from dozens of locals credit and debit cards
  40. Data backup file held by vendor was accessed by an intruder included user names, email addresses and passwords
  41. 391 current and former hospital employees names and Social Security numbers posted on website
  42. 8,000 Social Security numbers and some credit card numbers of prospective students on a public server
  43. SEC Goes After Online Trading Firms That Unwittingly Helped Latvian Hacker
  44. Commerce or chaos
  45. Anonymous targets Mexican websites
  46. Twitter Censorship Move Sparks Backlash: Is it Justified?
  47. FINRA advises brokers to bulk up security
  48. Univ. of Hawaii settles with 98,000 over five breaches
  49. The Lede Blog: Twitter’s New Policy on Blocking Posts Is Attacked, and Defended
  50. White House Presses For New Cybersecurity Laws